Example 4: Server are manageable only by admins¶
Here we want to give access to the servers only by admins. All other hosts are fully accessible by connected users from group but not from admins. Anonymous or other users cannot do anything.
---
- description: Servers are restricted to admin only.
hosts:
- +^srv\d\d.*
default: Deny
policies:
- members:
- administrators
rules:
any:
Allow:
- description: All other hosts are open to group, else deny.
hosts:
- +.*
default: Deny
policies:
- members:
- users
rules:
any:
Allow:
...
---
users:
- jre
- sve
- cjo
- mgr
administrators:
- rda
- mal
...